-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add SAML Service Provider library #99
Commits on Feb 24, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 271070e - Browse repository at this point
Copy the full SHA 271070eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 844cf64 - Browse repository at this point
Copy the full SHA 844cf64View commit details -
Configuration menu - View commit details
-
Copy full SHA for be8fcfd - Browse repository at this point
Copy the full SHA be8fcfdView commit details
Commits on Mar 5, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 07dc410 - Browse repository at this point
Copy the full SHA 07dc410View commit details
Commits on Mar 24, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6bfc10b - Browse repository at this point
Copy the full SHA 6bfc10bView commit details
Commits on Mar 31, 2023
-
Configuration menu - View commit details
-
Copy full SHA for ebb26dd - Browse repository at this point
Copy the full SHA ebb26ddView commit details
Commits on Apr 6, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 78c96fb - Browse repository at this point
Copy the full SHA 78c96fbView commit details
Commits on May 16, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 34dfaa4 - Browse repository at this point
Copy the full SHA 34dfaa4View commit details
Commits on Jun 19, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 2e1bc6a - Browse repository at this point
Copy the full SHA 2e1bc6aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 591348c - Browse repository at this point
Copy the full SHA 591348cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7643ae2 - Browse repository at this point
Copy the full SHA 7643ae2View commit details
Commits on Jun 20, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 6a481be - Browse repository at this point
Copy the full SHA 6a481beView commit details -
Configuration menu - View commit details
-
Copy full SHA for 60ef9d1 - Browse repository at this point
Copy the full SHA 60ef9d1View commit details
Commits on Jun 22, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 74602fa - Browse repository at this point
Copy the full SHA 74602faView commit details
Commits on Jun 23, 2023
-
Configuration menu - View commit details
-
Copy full SHA for c312bf9 - Browse repository at this point
Copy the full SHA c312bf9View commit details
Commits on Aug 3, 2023
-
Configuration menu - View commit details
-
Copy full SHA for f73816c - Browse repository at this point
Copy the full SHA f73816cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 11a894d - Browse repository at this point
Copy the full SHA 11a894dView commit details
Commits on Aug 6, 2023
-
As part of the tests, this commit refactors the sp.go and adds a test provider with the feature to serve a metadata xml.
Configuration menu - View commit details
-
Copy full SHA for bde5b10 - Browse repository at this point
Copy the full SHA bde5b10View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8ef39bf - Browse repository at this point
Copy the full SHA 8ef39bfView commit details
Commits on Aug 7, 2023
-
Merge pull request #80 from hashicorp/saml-lib-impl-config-tests
Add tests for Config and ServiceProvider
Configuration menu - View commit details
-
Copy full SHA for e191c39 - Browse repository at this point
Copy the full SHA e191c39View commit details
Commits on Aug 8, 2023
-
Configuration menu - View commit details
-
Copy full SHA for b68b83a - Browse repository at this point
Copy the full SHA b68b83aView commit details -
Merge pull request #81 from hashicorp/saml-lib-creat-authn-req-tests
Add tests for CreateAuthnRequest
Configuration menu - View commit details
-
Copy full SHA for 1c179e8 - Browse repository at this point
Copy the full SHA 1c179e8View commit details
Commits on Aug 9, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 72de8e3 - Browse repository at this point
Copy the full SHA 72de8e3View commit details -
Configuration menu - View commit details
-
Copy full SHA for b511766 - Browse repository at this point
Copy the full SHA b511766View commit details -
Merge pull request #82 from hashicorp/saml-lib-create-meta-options
Add options for CreateMetadata and ParseResponse
Configuration menu - View commit details
-
Copy full SHA for 235b88d - Browse repository at this point
Copy the full SHA 235b88dView commit details
Commits on Aug 10, 2023
-
Configuration menu - View commit details
-
Copy full SHA for fe26844 - Browse repository at this point
Copy the full SHA fe26844View commit details -
Merge pull request #83 from hashicorp/saml-lib-generate-xsdid
Generate xsd:id conform IDs
Configuration menu - View commit details
-
Copy full SHA for a31bf9d - Browse repository at this point
Copy the full SHA a31bf9dView commit details
Commits on Aug 11, 2023
-
Adds ability to provide IdP metadata as XML or individual parameters (#…
…84) * Adds ability to provide IdP metadata as XML or individual parameters * DefaultGenerateAuthRequestID to GenerateAuthRequestID * improve error message for URL parsing config params
Configuration menu - View commit details
-
Copy full SHA for dd6ca8a - Browse repository at this point
Copy the full SHA dd6ca8aView commit details
Commits on Aug 18, 2023
-
Configuration menu - View commit details
-
Copy full SHA for fa03bb6 - Browse repository at this point
Copy the full SHA fa03bb6View commit details
Commits on Aug 21, 2023
-
Merge pull request #85 from hashicorp/saml-lib-add-redirect-tests
Add tests for `AuthnRequestRedirect`
Configuration menu - View commit details
-
Copy full SHA for 3104a0a - Browse repository at this point
Copy the full SHA 3104a0aView commit details
Commits on Aug 23, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 758097e - Browse repository at this point
Copy the full SHA 758097eView commit details
Commits on Aug 25, 2023
-
`DescriptorCommon.ValidUntil` is a `time.Time` struct so the `omitempty` tag has no effect. This patch changes it to be a pointer so that it can be properly omitted. Also in CreateMetadata() we set both `ValidUntil` on the `EntityDescriptorSPSSO` and the inner `SPSSODescriptor`. The spec says validUntil - Optional attribute indicates the expiration time of the metadata contained in the element and any contained elements. so this is actually redundant.
Configuration menu - View commit details
-
Copy full SHA for 963d010 - Browse repository at this point
Copy the full SHA 963d010View commit details -
NameIDFormat is Zero or more elements of type anyURI that enumerate the name identifier formats supported by this system entity acting in this role. See Section 8.3 of [SAMLCore] for some possible values for this element. Vault (and I think Boundary also) do not need it to be an email, the name is used as an opaque string. I suppose most public IdP will have an email for their user but private ones may not have one and use an employee ID or a username instead. I think it's best to keep the default configuration empty to be compatible with such systems.
Configuration menu - View commit details
-
Copy full SHA for 83bd1ed - Browse repository at this point
Copy the full SHA 83bd1edView commit details
Commits on Aug 26, 2023
-
Configuration menu - View commit details
-
Copy full SHA for da17488 - Browse repository at this point
Copy the full SHA da17488View commit details -
fix (saml): code refactoring (#93)
* chore (saml): add demo binary to .gitignore * fix (saml): fix compilation and linter issues * chore (saml): fix some typos * fix (saml): code refactoring
Configuration menu - View commit details
-
Copy full SHA for 81ba871 - Browse repository at this point
Copy the full SHA 81ba871View commit details
Commits on Aug 30, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 28e6250 - Browse repository at this point
Copy the full SHA 28e6250View commit details
Commits on Aug 31, 2023
-
Merge pull request #86 from remilapeyre/indent-xml
Add Option to indent the XML Document
Configuration menu - View commit details
-
Copy full SHA for e1e0b96 - Browse repository at this point
Copy the full SHA e1e0b96View commit details -
Merge pull request #89 from remilapeyre/valid-until
Fix validUntil attribute
Configuration menu - View commit details
-
Copy full SHA for c094d93 - Browse repository at this point
Copy the full SHA c094d93View commit details -
Merge pull request #90 from remilapeyre/saml-lib-name-id-format
Remove NameIDFormat default
Configuration menu - View commit details
-
Copy full SHA for 662992f - Browse repository at this point
Copy the full SHA 662992fView commit details -
Merge pull request #94 from hashicorp/saml-lib-test-provider-post
Implement HTTP-POST binding endpoint for the test provider
Configuration menu - View commit details
-
Copy full SHA for 20e4bdf - Browse repository at this point
Copy the full SHA 20e4bdfView commit details
Commits on Sep 1, 2023
-
Adds Response type definition using gosaml2 type (#96)
* save progress * Adds Response type definition using gosaml2 type * Adds response test back
Configuration menu - View commit details
-
Copy full SHA for d4e3e8f - Browse repository at this point
Copy the full SHA d4e3e8fView commit details -
Add support for custom ACS URL in CreateAuthnRequest() and ParseRespo…
…nse() (#95) * Add support for custom ACS URL in CreateAuthnRequest() and ParseResponse() The URL can now be customized using `WithAssertionConsumerServiceURL()` in both functions. To validate the behavior I added a short test for `ServiceProvider.ParseResponse`. It only checks the error to make sure `WithAssertionConsumerServiceURL()` for now but can be extended in the future. Also fix a docstring and gives the custom clock from `WithClock()` to the internal parser. * Fix code review
Configuration menu - View commit details
-
Copy full SHA for 984a901 - Browse repository at this point
Copy the full SHA 984a901View commit details -
* Run the tests in CI When can remove this before merging on master but it would be good to have the CI working on our branch * Backport of 5283f33
Configuration menu - View commit details
-
Copy full SHA for f457d6d - Browse repository at this point
Copy the full SHA f457d6dView commit details
Commits on Sep 9, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 5eb0db6 - Browse repository at this point
Copy the full SHA 5eb0db6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2adf73d - Browse repository at this point
Copy the full SHA 2adf73dView commit details -
Configuration menu - View commit details
-
Copy full SHA for bf2781a - Browse repository at this point
Copy the full SHA bf2781aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7246b1b - Browse repository at this point
Copy the full SHA 7246b1bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 83f7531 - Browse repository at this point
Copy the full SHA 83f7531View commit details -
Merge pull request #100 from hashicorp/saml-lib-fixup-modules
SAML Library fixup
Configuration menu - View commit details
-
Copy full SHA for d255ea8 - Browse repository at this point
Copy the full SHA d255ea8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 319eae1 - Browse repository at this point
Copy the full SHA 319eae1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3ae9339 - Browse repository at this point
Copy the full SHA 3ae9339View commit details -
saml: minor code improvements (#101)
* fix (saml): address possible panic if clock.Clock is nil * fix (saml): fix possible panic in WithAdditionalACSEndpoint(...) changed location url to be passed by value to eliminate possible panic * refactor (saml): add WithMetadataNameIDFormat(...) Refactor WithAdditionalNameIDFormat(...) and WithNameIDFormats(...) into one new option WithMetadataNameIDFormat(...) * fix (saml): address possible panics in saml handlers * tests (saml): minor code improvements
Configuration menu - View commit details
-
Copy full SHA for 3a603e1 - Browse repository at this point
Copy the full SHA 3a603e1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 196ed07 - Browse repository at this point
Copy the full SHA 196ed07View commit details -
Configuration menu - View commit details
-
Copy full SHA for 922e227 - Browse repository at this point
Copy the full SHA 922e227View commit details -
Configuration menu - View commit details
-
Copy full SHA for 65e368b - Browse repository at this point
Copy the full SHA 65e368bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 136094c - Browse repository at this point
Copy the full SHA 136094cView commit details -
Configuration menu - View commit details
-
Copy full SHA for c2acd28 - Browse repository at this point
Copy the full SHA c2acd28View commit details -
Configuration menu - View commit details
-
Copy full SHA for cb03a93 - Browse repository at this point
Copy the full SHA cb03a93View commit details
Commits on Sep 10, 2023
-
Merge pull request #103 from hashicorp/saml-lib-fixup-julz2
More SAML library fixes
Configuration menu - View commit details
-
Copy full SHA for 6f5c72b - Browse repository at this point
Copy the full SHA 6f5c72bView commit details
Commits on Sep 13, 2023
-
Add caching support to IDPMetadata() (#102)
* Add caching support to IDPMetadata() Caching the metadata document will avoid an additional round-trip to the IDP for every connection. The Metadata for the OASIS Security Assertion Markup Language says regarding caching: 4.3 Post-Processing of Metadata The following sections describe the post-processing of metadata. 4.3.1 Metadata Instance Caching [E94] Document caching MUST be based on the duration indicated by the cacheDuration attribute of the subject element(s). If metadata elements have parent elements which contain caching policies, the parent element takes precedence. To properly process the cacheDuration attribute, consumers must retain the date and time when an instance was obtained. Note that cache expiration does not imply a lack of validity in the absence of a validUntil attribute or other information; failure to update a cached instance (e.g., due to network failure) need not render metadata invalid, although implementations may offer such controls to deployers. When a document or element has expired, the consumer MUST retrieve a fresh copy, which may require a refresh of the document location(s). Consumers SHOULD process document cache processing according to [RFC2616] Section 13, and MAY request the Last-Modified date and time from the HTTP server. Publishers SHOULD ensure acceptable cache processing as described in [RFC2616] (Section 10.3.5 304 Not Modified). 4.3.2 [E94] Metadata Instance Validity Metadata MUST be considered invalid upon reaching the time specified in a validUntil attribute of the subject element(s). The effective expiration may be adjusted downward by parent element(s) with earlier expirations. Invalid metadata MUST NOT be used. This contrasts with "stale" metadata that may be beyond its optimum cache duration but is not explicitly invalid. Such metadata remains valid and MAY be used at the discretion of the implementation. With this change the cached metadata is used until it expires. This behavior can be disabled using WithCache(). Using a stale document when refreshing it fails is disabled by default and users can opt-in using WithStale(). * Address code review comments * Run go mod tidy * Run go mod tidy * Update saml/sp_test.go Co-authored-by: Jim <[email protected]> --------- Co-authored-by: Jim <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for b0ed5aa - Browse repository at this point
Copy the full SHA b0ed5aaView commit details
Commits on Sep 14, 2023
-
refact (saml): ServiceProvider.ParseResponse(...) improvements (#105)
A small refactor and added more unit tests
Configuration menu - View commit details
-
Copy full SHA for ee37514 - Browse repository at this point
Copy the full SHA ee37514View commit details -
Configuration menu - View commit details
-
Copy full SHA for 52c8419 - Browse repository at this point
Copy the full SHA 52c8419View commit details
Commits on Sep 15, 2023
-
saml: adds helpers for response assertions, subject, issuer, and attr…
…ibutes (#104) * saml: adds helpers for response assertions, subject, and attributes * fix up comment * Restructure test, add coverage, add issuer helpers
Configuration menu - View commit details
-
Copy full SHA for a92758c - Browse repository at this point
Copy the full SHA a92758cView commit details
Commits on Sep 20, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 819315e - Browse repository at this point
Copy the full SHA 819315eView commit details -
Merge pull request #110 from hashicorp/saml-lib-readme
Add SAML to README
Configuration menu - View commit details
-
Copy full SHA for e0aaca8 - Browse repository at this point
Copy the full SHA e0aaca8View commit details
Commits on Sep 21, 2023
-
Configuration menu - View commit details
-
Copy full SHA for c4603a1 - Browse repository at this point
Copy the full SHA c4603a1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7947406 - Browse repository at this point
Copy the full SHA 7947406View commit details -
Configuration menu - View commit details
-
Copy full SHA for b261a01 - Browse repository at this point
Copy the full SHA b261a01View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9346964 - Browse repository at this point
Copy the full SHA 9346964View commit details